couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Camille Harang <mammi...@yooook.net>
Subject Re: OAuth for authorization (not authentication)
Date Tue, 19 Jul 2011 09:34:01 GMT
Hi Jan, thanks a lot for your answer, even if that's what I dread :-/ I
hope I can find another way to make Couch match my needs (smart proxy
maybe). Otherwise I'll keep Couch in mind for my next project, hoping it
won't have the same requirements or if other solutions appears until
then, because Couch is such a good piece of software! I want to use it.
Thanks!

Cheers,

Camille.



Le 19/07/2011 11:20, Jan Lehnardt a écrit :
> Hi Camille,
>
> The OAuth implementation in CouchDB is very limited (due
> to constraints in the original development phase). The
> implementation does not allow fine-grained token-based
> access to specific contents of one or more databases
> inside CouchDB, but only the authentication against a
> CouchDB user in the CouchDB authentication layer. Once
> a request is auth'd, there is no more OAuth machinery
> inside CouchDB and you are left with CouchDB's security
> mechanics:
>
>   http://wiki.apache.org/couchdb/Security_Features_Overview
>   http://blog.couchbase.com/whats-new-in-couchdb-1-0-part-4-securityn-stuff
>
> Cheers
> Jan


-- 
The Good, the Bad and the Ugly under Creative Commons! https://yooook.net/r/lp1


Mime
View raw message